CORBA and CORBA Security

1
CORBA andCORBA Security

• August Mayer, Graduate Project 2001
• http//corbasec.n3.net

2
Contents

• CORBA
• Introduction
• History
• Products
• Concepts
• Programming

• CORBA Security
• Introduction, History
• Products
• Concepts
• Programming

3
CORBA What?

• Common Object Request Broker Architecture
• Facility for interaction between objects
• on different machines
• concurrent execution
• Object model derived from OMA
• Object Management Architecture abstract

4
CORBA History

• OMG Object Management Group
• founded in 1989 by a group of companies,
  organizations and academia including
  Hewlett-Packard, Sun, Canon
• CORBA Specifications published
• 1.1 1991
• 2.0 Dec. 1994
• 2.4.2 current version (July 2001)

5
CORBA Products (1/2)

• Iona Orbix, Orbacus
• OrbixWeb for Java
• new version Orbix2000
• Orbacus previously ObjectBroker, by OOC
• Inprise/Borland VisiBroker
• a version built into Netscape 4.x Browser!
• IBM Component Broker
• part of WebSphere Application Server
• etc.

6
CORBA Products (2/2)

• free ORBs
• MICO MICO Is CORBA
• Univ. Frankfurt GPL
• JacORB
• Freie Univ. Berlin LGPL
• TAO The ACE ORB
• Washington Univ. in St. Louis
• Orbit
• for GNOME desktop environment GPL/LGPL

7
CORBA Basic model (1/2)

• ORB Object Request Broker
• relies on Object Services
• relies on Common Facilities

8
CORBA The ORB

• central facility that ties all together
• minimal functionality for location-, language-
  and platform-independent communication
• functions
• initial access to services, creating basic
  objects, basic data types etc.
• ORB.resolve_initial_references(..)
• ORB.string_to_object(..), ORB.object_to_string(..)

9
CORBA Services

• provide basic services / functionalities
• currently specified (official)

Collection Service Persistent Object Service
Concurrency Service  Property Service Event
Service Query Service Externalization Service
Relationship Service
Naming Service Security Service Licensing
Service Time Service Life Cycle Service
Trading Object Service Notification Service
Transaction Service
10
CORBA Facilities

• provide services on a higher level
• end-user oriented
• applicable to multiple domains
• currently specified (officially)
• Time and Internationalization
• Mobile Agent Facility

11
CORBA Programming?

• write IDL (Interface Definition Language)
• compile IDL
• add object implementations
• add main programs for server, client

12
CORBA IDL (1/3)

• Interface Description Language
• describes only the interfaces
• system independent
• syntax resembles to C/C/Java
• like C header files, interface in Pascal

13
CORBA IDL (2/3)

• compiled by IDL compiler
• result stub, skeleton in target language
• Stub for client
• imposter of the server object
• forwards method calls etc. to remote machine, if
  necessary
• Skeleton
• basis for object implementation
• enables methods etc. to be also called from e.g.
  a remote machine

14
CORBA IDL (3/3)

• Example

// this defines the AddressBook modulemodule
AddressBook interface Person attribute
string name string sendEMail(in string
fromWhom)
15
CORBA Object Implementation

• need to implement the methods and attribute
  accessors defined in IDL
• ImplBase method
• implementor creates class derived from generated
  base class
• Tie method
• implementor creates own class, attaches to the
  system with a generated Tie class

16
CORBA client, server main programs

• create, initialize ORB and BOA
• ORB Object Request Broker
• BOA Basic Object Adapter
• basic object, often product-dependent
• register object
• in Name service directory of CORBA objects
• in Implementation repository (Iona Orbix)
• server start server loop
• C/C dispose of object

17
CORBA CORBA Security

• Questions about CORBA?

18
CORBA Security (1/3)

• Current version 1.7 (March 2001)
• Initial Version 1.1 Dec. 1997
• is a CORBA service
• has IDL descriptions
• but needs special provisions (in ORB etc.)

19
CORBA Security (2/3)

• provides functions to secure the object
  interactions
• confidentiality
• e.g. encryption of method invocations,authenticat
  ion of users and services
• integrity
• accountability
• e.g. logging / auditing

20
CORBA Security (3/3)

• Services provided
• identification and authentication of principals
• authorization, access control
• security auditing
• security of communications (e.g. link encryption)
  
• administration of security informations
• and, optionally, non-repudiation.

21
CORBA Sec. Products

• MICOsec
• by ObjectSecurity, for MICO
• ORBasec
• by Adiron, for Iona Orbacus
• Iona Orbix2000
• Inprise Security Service
• and others (IBM, ...)

22
CORBA Sec. Concepts (1/2)

• Principal
• represents user or service in system
• like in Kerberos
• Current
• Spec. state information for a given service and
  execution environment
• i.e. the current threads parameters for securely
  communicating with a specific service
• the only interface that is accessible in Level 1

23
CORBA Sec. Concepts (2/2)

• Credentials, Delegation
• represents credentials for a given principal
• e.g. privileges, identity attributes
• Authentication
• principals establishing its credentials
• Security mechanism
• concrete method of obtaining security
• e.g. Kerberos, SSL

24
CORBA Sec. Programming (1/3)

• Security Levels
• Level 1 from outside
• application can only query current status
• Java org.omg.SecurityLevel1.
• Level 2 security set up by application
• all APIs accessible
• Java org.omg.SecurityLevel2.

25
CORBA Sec. Programming (2/3)

• Security API structure
• org.omg.Security common data types
• org.omg.SecurityLevel1 for Level-1 apps
• org.omg.SecurityLevel2 for Level-2 apps
• org.omg.SecurityAdmin
• querying, modifying security policies
• org.omg.NRService
• optional non-repudiation features
• org.omg.SecurityReplaceable
• for different implementations of the Security
  services
• protocol-specific packages SECIOP, SSLIOP,...

26
CORBA Sec. Programming (3/3)

• Initial references
• PrincipalAuthenticator
• authenticate(...), continue_authentication(...)
• SecurityCurrent
• SecurityManager
• Security Attributes, Policies
• Attributes which security options are allowed,
  required (e.g. Confidentiality, Integrity,...)
• Policies which Credentials, Mechanism to use if
  several are available

27
Thanks!

• Questions?
• References
• http//www.omg.orgThe Object Management Group
• http//corbasec.n3.netThe project documentation
  page